﻿<?xml version="1.0" encoding="utf-8" ?>   
 <access-policy>
     <cross-domain-access>
        <policy>
          <allow-from http-request-headers="*">
            <domain uri="*"/>   
      </allow-from>  
          <grant-to>
            <resource include-subpaths="true" path="/"/> 
      </grant-to> 
    </policy>  
  </cross-domain-access>
</access-policy>